Method and apparatus for setting profile

ABSTRACT

A method and apparatus for setting profiles are provided. The profile setting method Includes receiving, from a first terminal, a profile transfer request message that requests transfer of a first profile or portion thereof from a first secure element to a second secure element; sending, to the first terminal, a request message requesting the first profile or portion thereof; receiving, from the first terminal, the first profile or portion thereof; configuring a second profile using the received first profile or portion thereof; and sending, to a second terminal, the configured second profile.

PRIORITY

This application claims priority under 35 U.S.C. §119(a) to a KoreanPatent Application filed on May 30, 2013 in the Korean IntellectualProperty Office and assigned Serial No. 10-2013-0061851, the entirecontent of which is incorporated herein by reference.

BACKGROUND

1. Field of Invention

The present invention generally relates to a method and apparatus forsetting profiles stored in a mobile terminal.

2. Description of the Related Art

A Universal Integrated Circuit Card (UICC) is a smart card inserted andused in a mobile terminal. The UICC stores personal information of amobile communication subscriber, such as authentication information fornetwork access, phonebook data, and text messages. When the mobileterminal connects to a mobile communication network such as a GlobalSystem for Mobile Communications (GSM), Wideband Code Division MultipleAccess (WCDMA) or Long Term Evolution (LTE) network, the UICC performssubscriber authentication and traffic security key generation to therebyenable secure mobile communication. The UICC may store communicationapplications including a Subscriber Identity Module (SIM), UniversalSubscriber Identity Module (USIM), and IP Multimedia Services IdentityModule (ISIM) according to the type of mobile communication network towhich the subscriber connects. In addition, the UICC provides a highlevel security function to install a variety of applications such aselectronic wallets, tickets and passports.

A typical UICC is manufactured as a proprietary smart card of a specificmobile network operator according to requests of the mobile networkoperator. At the time of shipment, such a UICC is pre-embedded withauthentication information for access to the corresponding mobileoperator network (e.g. USIM application, International Mobile SubscriberIdentity (IMSI), and key value (K)). Hence, the mobile network operatorreceives a manufactured UICC and provides the received UICC to asubscriber, and later, if necessary, performs management of the UICC byinstalling, modifying and removing an application through Over-The-Air(OTA) programming or the like. After inserting the UICC into a mobileterminal, the subscriber may manipulate the mobile terminal to usenetwork and application services of the corresponding mobile networkoperator. To change terminals, the subscriber removes the UICC from theexisting terminal and inserts it into a new terminal. Hence, theauthentication information, the mobile phone number and the phonebookdata stored in the UICC may be used in the new terminal.

The European Telecommunications Standards Institute (ETSI) has definedphysical configurations and logical functions of UICCs to maintainworldwide compatibility. The form factor specifying physicalconfigurations has continuously decreased: mini-SIMs (most widely used)were followed by micro-SIMs (introduced several years ago), andnano-SIMs (introduced in recent years). The development of smaller SIMcards has contributed to the development of smaller terminals. However,it is expected that it will be difficult to standardize UICC cardssmaller than recently specified nano-SIMs because of the high likelihoodof losing a card. It is also expected that it will be difficult tofurther miniaturize removable UICC cards, because space for card slotsis needed in terminals.

Removable UICC cards may be unsuitable for machine-to-machine (M2M)devices, such as smart home appliances, electricity meters, water metersand Closed Circuit Television (CCTV) cameras, which require access tomobile data networks in various deployment environments without directhuman intervention.

To address the above-mentioned problems, it is proposed to embed asecure element that has UICC or similar functions in a mobile terminalat the time of manufacture, in place of a removable UICC. However, suchan embedded secure element would be irremovable after being installed ina mobile terminal. Hence, the mobile terminal may be unable to pre-storeauthentication information for access to a mobile operator network (suchas USIM application, IMSI and key value) at the time of manufactureunless the mobile terminal is manufactured as a proprietary terminal ofa particular mobile network operator. It would only be possible toconfigure such authentication information in a mobile terminal after auser who has purchased a mobile terminal subscribes to a mobile networkoperator.

In addition, unlike an existing UICC card that is manufactured anddistributed as a proprietary card of a particular mobile networkoperator, a new embedded secure element would enable authenticationinformation of various mobile network operators to be installed andmanaged in a secure and flexible manner when a user who has purchased acorresponding mobile terminal subscribes to a mobile network operator,unsubscribes from a mobile network operator, or changes mobile networkoperators. According to various usage scenarios such as a purchase of anew terminal, the new embedded secure element would also enableconfigured authentication information and stored user data to besecurely transferred to a new mobile terminal.

SUMMARY

The present invention has been made to address the above problems anddisadvantages and to provide at least the advantages described below.Accordingly, an aspect of the present invention is to provide aneffective method for setting a profile.

In accordance with an aspect of the present invention, a method forsetting profiles for a profile server is provided. The method includesreceiving, from a first terminal, a profile transfer request messagethat requests transfer of a first profile or portion thereof from afirst secure element to a second secure element; sending, to the firstterminal, a request message requesting the first profile or portionthereof; receiving, from the first terminal, the first profile orportion thereof; configuring a second profile using the received firstprofile or portion thereof; and sending, to a second terminal, theconfigured second profile.

In accordance with another aspect of the present invention, a profileserver is provided. The profile server includes a communication unitconfigured to receive, from a first terminal, a profile transfer requestmessage that requests transfer of a first profile or portion thereoffrom a first secure element to a second secure element, to send, to thefirst terminal, a request message requesting the first profile or aportion thereof, and to receive, from the first terminal, the firstprofile or a portion thereof; and a controller configured to configure asecond profile using the received the first profile or portion thereofand to control sending, to a second terminal, the configured secondprofile.

In accordance with another aspect of the present invention, a method ofsetting profiles for a terminal is provided. The method includessending, to a profile sever, a profile transfer request message thatrequests transfer of a first profile or portion thereof from a firstsecure element to a second secure element; receiving, from the profileserver, a request message requesting the first profile or a portionthereof; and sending, to the profile sever, the first profile or aportion thereof, wherein a second profile for the second secure elementis configured using the first profile or a portion thereof.

In accordance with another aspect of the present invention, a terminalis provided. The terminal includes a communication unit configured tosend, to a profile sever, a profile transfer request message thatrequests transfer of a first profile or a portion thereof from a firstsecure element to a second secure element and to receive, from theprofile server, a request message requesting the first profile or aportion thereof; and a controller configured to control sending, to theprofile sever, the first profile or a portion thereof, wherein a secondprofile for the second secure element is configured using the receivedfirst profile or portion thereof.

BRIEF DESCRIPTION OF THE DRAWINGS

The above and other aspects, features, and advantages of the presentinvention will be more apparent from the following detailed description,taken in conjunction with the accompanying drawings, in which:

FIG. 1 illustrates an architecture of a communication system accordingto an embodiment of the present invention;

FIG. 2 is a flowchart of a profile setting procedure according to anembodiment of the present invention;

FIG. 3 illustrates a data structure in a mobile terminal according to anembodiment of the present invention;

FIG. 4 is a flowchart of a profile activation procedure according to anembodiment of the present invention;

FIG. 5 is a sequence diagram illustrating a profile setting procedureaccording to a first embodiment of the present invention;

FIG. 6 is a sequence diagram illustrating a profile setting procedureaccording to a second embodiment of the present invention;

FIG. 7 is a block diagram of a profile provider according to anembodiment of the present invention;

FIG. 8 is a block diagram of a profile manager according to anembodiment of the present invention; and

FIG. 9 is a block diagram of a mobile terminal according to anembodiment of the present invention.

DETAILED DESCRIPTION OF EMBODIMENTS OF THE PRESENT INVENTION

Hereinafter, embodiments of the present invention are described indetail with reference to the accompanying drawings.

Descriptions of functions and constructions that are well-known in therelevant art and are not directly related with the present invention areomitted to avoid obscuring the subject matter of the present invention.

In the drawings, some elements are exaggerated, omitted or only outlinedin brief, and thus may not be drawn to scale. The same reference numbersare used throughout the drawings to refer to the same or like elements.

FIG. 1 illustrates an architecture of a communication system accordingto an embodiment of the present invention.

Referring to FIG. 1, the communication system includes first and secondmobile terminals 105 and 106, first and second embedded Secure Elements(eSEs) 107 and 108, respectively installed in the first and secondmobile terminals 105 and 106, a profile provider 102, first and secondprofile managers 103 and 104, and an address search server 111. In anembodiment of the present invention, the address search server 111 maybe omitted.

The first and second embedded secure elements 107 and 108 may include anembedded secure element that may be attached to a substrate of the firstor second mobile terminals 105 and 106 or installed therein. Theembedded UICC (eUICC) is a type of secure element embedded in aterminal. First and second profiles 109 and 110 are installed assoftware items in the first and second embedded secure elements 107 and108, respectively. The first and second profiles 109 and 110 aresoftware packages containing information corresponding to one or moreexisting removable UICCs. For example, the first and second profiles 109and 110 may be defined as software packages that contain user data, suchas one or more applications, subscriber authentication information andphonebook data, embedded in a UICC.

The profile provider 102 may be directly operated by a Mobile NetworkOperator (MNO) or may be operated by an agent fully trusted by the MNO.The profile provider 102 generates a profile for a subscribersubscribing to the corresponding mobile network operator, encrypts theprofile, and sends the encrypted profile to the first and second profilemanagers 103 and 104. The profile provider 102 may be implemented as,for example, a profile providing server as in FIG. 1.

The first and second profile managers 103 and 104 manage profiles forthe first and second embedded secure elements 107 and 108, respectively.Due to characteristics of secure elements based on smart cardtechnology, the same security key information is configured in both thefirst and second embedded secure elements 107 and 108 and the first andsecond profile managers 103 and 104 before the first and second mobileterminals 105 and 106 are sold to a user (typically, at the time ofterminal manufacture). Hence, the first and second profile managers 103and 104 may be operated by the manufacturer of the first and secondembedded secure elements 107 and 108 or the first and second mobileterminals 105 and 106. The first and second profile managers 103 and 104may be implemented as, for example, a profile management server as inFIG. 1.

The first and second profile managers 103 and 104 each receive anencrypted profile from the profile provider 102 and securely send thesame to the corresponding first and second embedded secure elements 107and 108, which decrypt and install the profiles. Thereafter, the firstand second profile managers 103 and 104 each perform profile managementincluding profile activation, deactivation, backup or deletion.According to the terminal state of a subscription to mobile networkoperators, the first and second embedded secure elements 107 and 108 maystore multiple profiles. In this case, if the first and second mobileterminals 105 and 106 connect to a mobile communication network, one ofthe profiles stored in the first and second embedded secure elements 107and 108 is selected and used.

FIG. 2 is a flowchart of a profile setting procedure according to anembodiment of the present invention.

FIG. 2 describes a procedure in which, in response to a request for aprofile transfer from the first embedded secure element 107 to thesecond embedded secure element 108, profile information of the firstembedded secure element 107 is backed up and reconfigured so as to beinstallable in the second embedded secure element 108, the reconfiguredprofile is installed in the second embedded secure element 108, andprocessing continues according to the results of installation andAuthentication Center (AuC) update.

Referring to FIG. 2, at step 202, the profile provider 102 or firstprofile manager 103 receives a profile transfer request from a user oruser terminal. The profile transfer request message may include anidentifier of the first mobile terminal 105 or first embedded secureelement 107 and an identifier of the second mobile terminal 106 orsecond embedded secure element 108. When multiple profiles are stored inthe first embedded secure element 107, the profile transfer requestmessage may further include, an indication of the desired profile, atleast one of a profile identifier, Mobile Subscriber Integrated ServicesDigital Network-Number (MSISDN, phone number), and IMSI. Then, theprofile manager 103 sends a profile backup request message to the firstmobile terminal 105.

At step 203, the first profile 109 stored in the first embedded secureelement 107 is backed up, encrypted, and sent to the profile providingserver 102. Here, the first embedded secure element 107 of the firstmobile terminal 105 encrypts the first profile 109 using a public key ina certificate of the profile provider server 102. Alternatively, thefirst embedded secure element 107 of the first mobile terminal 105generates a symmetric key for encryption and decryption and encrypts thefirst profile 109 using the symmetric key, and encrypts the symmetrickey using the public key in the certificate of the profile providerserver 102 and sends the encrypted symmetric key to the profile providerserver 102.

In an embodiment of the present invention, the first mobile terminal 105encrypts the entire contents of the first profile 109 for transfer. Inanother embodiment of the present invention, the first mobile terminal105 encrypts only user data of the first profile 109 (such as phonebookdata) excluding security-sensitive data (such as the USIM authenticationkey K) and sends the encrypted data. In this case, the profile provider102 may add data corresponding to the unsent contents at step 204(described below). In another embodiment of the present invention, ifnecessary, the user selects a portion of applications and dataconstituting the first profile 109 to be transferred to the secondembedded secure element 108.

FIG. 3 illustrates a structure of data in a mobile terminal according toan embodiment of the present invention.

Referring to FIG. 3, the mobile terminal 300 has a terminal ID 302. TheeSE 310 embedded in the mobile terminal 300 has an eSE ID 303. The eSE310 stores a profile 320.

The profile 320 has a profile ID 304. The profile 320 includes a USIM330. The USIM 330 includes an IMSI 307 and K 308. The profile 320further includes supplementary values 305 and 306, which are used todeactivate the profile 320 when the profile 320 is illegitimately copiedor cloned to another eSE. The profile 320 may further include an eSE ID305 indicating the identifier of the eSE in which the profile 320 is tobe installed. Here, terminal ID may be used instead of eSE ID, eSE IDand terminal ID may be used together, or a combination of eSE ID andterminal ID may be used. Later, for ease of description, it is assumedthat only eSE ID is used in the field 305.

The profile 320 may further include a digital signature 306. The digitalsignature 306 may be used to detect illegitimate modification of the eSEID 305 or USIM 330 by a third party attempting to clone the eSE 310. Theprofile provider may generate the digital signature 306 by applying adigital signing procedure to the profile ID 304, eSE ID and/or terminalID 305, and IMSI 307 and/or K 308 of the USIM 330.

In one embodiment of the present invention, the digital signature 306may be generated using the following Equation 1.Digital Signature=RSAwithSHA1(Profile ID|eSE ID|IMSI)  Equation 1

When the digital signature 306 is generated using the profile ID 304,eSE ID 305 and IMSI 307, illegitimate copying of both the profile 320and the USIM 330 through examination of the digital signature 306 isprevented.

In another embodiment of the present invention, the digital signature306 is generated using only the profile ID 304 and eSE ID 305. That is,the digital signature 306 is generated using the following Equation 2.Digital Signature=RSAwithSHA1(Profile ID|eSE ID)  Equation 2

In this embodiment of the present invention, illegitimate copying of theprofile 320 is prevented while illegitimate copying of the USIM 330 isnot prevented.

In another embodiment of the present invention, the digital signature306 may be generated using only the profile ID 304 and IMSI 307. Thatis, the digital signature 306 may be generated using the followingEquation 3.Digital Signature=RSAwithSHA1(Profile ID|IMSI)  Equation 3

In this embodiment of the present invention, illegitimate copying of theprofile 320 is not prevented, while illegitimate copying of the USIM 330is prevented.

FIG. 4 is a flowchart of a profile activation procedure according to anembodiment of the present invention. The mobile terminal 300 activatesthe profile according to the procedure of FIG. 4, and detectsillegitimate copying of the profile and/or the USIM.

Referring to FIG. 4, at step 402, the embedded secure element (eSE) 310selects a profile. In an embodiment of the present invention, the eSE310 selects a profile according to a user selection through thetouchscreen or keypad. In another embodiment of the present invention,when the mobile terminal 300 boots or transitions from flight mode tocommunication mode, the eSE 310 automatically selects a profile. The eSE310 selects at least one stored profile in a suitable manner.

At step 403, the eSE 310 verifies the eSE ID in the selected profile. Asdescribed above, the terminal ID may be used instead of the eSE ID, or acombination of the eSE ID and terminal ID may be used.

If the eSE ID is not correct, the eSE 310 proceeds to step 404 at whichthe eSE 310 does not use the selected profile. Here, the eSE 310discards the selected profile. Then, the eSE 310 selects another profileand repeats the above procedure. Here, a profile having an incorrectidentifier is not used. If the eSE ID is correct, the eSE 310 proceedsto step 405.

At step 405, the eSE 310 verifies the digital signature in the selectedprofile. If the digital signature is correct, the eSE 310 proceeds tostep 406 at which the eSE 310 uses the selected profile. If the digitalsignature is not correct, the eSE 310 proceeds to step 404 at which theeSE 310 does not use the selected profile and discards it.

Referring to FIG. 2, at step 204, the profile provider 102 reconfiguresthe second profile 110 using data in the received first profile 109.

For profile reconfiguration with reference to a scheme for illegitimatecopy prevention described in FIGS. 3 and 4, the profile provider 102replaces the identifier of the first embedded secure element 107 in thefirst profile 109 with the identifier of the second embedded secureelement 108 and regenerates the signature correspondingly.

In addition, if the reconfigured second profile 110 is successfullyinstalled in the second embedded secure element 108, the existing firstprofile 109 installed in the first embedded secure element 107 isremoved or invalidated. If the first profile 109 is not removed due to atechnical error or malicious intent, to prevent illegitimate use of thefirst profile 109, the profile provider 102 generates the second profileusing the USIM authentication key K of the second profile 110 to beinstalled in the second embedded secure element 108 at step 204. The Kof the second profile 110 may differ from that of the first profile 109.Alternatively, the profile provider 102 sends the AuC of thecorresponding mobile network operator a request for updating the K ofthe first profile 109 with that of the second profile 110. Then, the AuCupdates the K in accordance with the profile. While the first profile109 is not removed from the first embedded secure element 107, as the Kof the AuC is changed, the first mobile terminal 105 is unable toconnect to a 3GPP network using the USIM of the first profile 109. Inother words, when a connection approval request is received from thefirst mobile terminal 105 using the first profile 109, the AuC performsauthentication using the K stored in the AuC. In this embodiment of thepresent invention, as the K stored in the AuC is updated with the Kcorresponding to the second profile 110, the connection approval requestmade by the first mobile terminal 105 using the old K is rejected.

At step 205, the reconfigured second profile 110 is installed in thesecond embedded secure element 108. The installation result is sent tothe profile provider 102 and the first and second profile managers 103and 104.

If installation of the second profile 110 is unsuccessful, the procedureends. Hence, the first profile 109 installed in the first mobileterminal 105 remains in the same state as before the profile transferrequest was made.

If installation of the second profile 110 is successful, the profileprovider 102 proceeds to step 206 at which the profile provider 102sends an update K request to the AuC. The AuC updates the K and sendsthe update result to the profile provider 102.

If update of the K is successful, the profile provider 102 proceeds tostep 208 at which the profile provider 102 sends a request message fordeleting the first profile 109 to the first mobile terminal 105. Then,the first mobile terminal 105 deletes the first profile 109. Asdescribed above, although the first profile 109 is not removed at step208 due to a technical error or malicious intent, as the AuC has updatedthe K at operation 206, the first mobile terminal 105 using the firstprofile 109 is not allowed to access the network.

If update of the K is unsuccessful at step 206, the profile provider 102proceeds to step 207 at which the profile provider 102 sends a requestmessage to delete the second profile 110 to the second mobile terminal106. Then, the second mobile terminal 106 deletes the second profile 110and returns to the state before the profile transfer request was made.Here, although the second profile 110 is not removed due to a technicalerror or malicious intent, as the AuC has failed to update the K at step206, the second mobile terminal 106 using the second profile 110 is notallowed to access the communication network.

Through the procedure described above, the profile is transferred fromthe first mobile terminal 105 to the second mobile terminal 106 in asecure manner. If a failure occurs at any step of the procedure, theinitial state is recovered as in the case of transaction processing.

FIG. 5 is a sequence diagram illustrating a profile setting procedureaccording to an embodiment of the present invention.

The embodiment described in FIG. 5 may be realized on the systemdisclosed in FIG. 1.

Referring to FIG. 5, at step 505, the MNO 502 receives a profiletransfer request message from a user 500. With regard to FIG. 2, theprofile transfer request message includes an identifier of the firstmobile terminal 105 or first embedded secure element 107 and anidentifier of the second mobile terminal 106 or second embedded secureelement 108. If multiple profiles are stored in the first embeddedsecure element 107, the profile transfer request message furtherincludes, to indicate a desired profile, at least one of a profileidentifier, MSISDN and IMSI.

In step 510, user authentication is performed between the MNO 502 andthe user 500. A request from an unauthorized user is rejected. If userauthentication is successfully, the procedure continues to the nextstep.

In step 515, the MNO 502 forwards the received profile transfer requestmessage to the profile provider 102.

In step 520, to find the address of a profile manager related to thefirst embedded secure element 107 of the first mobile terminal 105 atwhich the profile to be transferred is stored, the profile provider 102sends a query to the address search server 111 and receives acorresponding response therefrom. Instead of the address search server111, another type of address search interface or address storage devicemay beused. The address search server 111 is implemented as adistributed server such as a Domain Name Service (DNS) server.Alternatively, the profile provider 102 may directly store and manageaddresses corresponding to individual embedded secure elements. In thisembodiment of the present invention, the profile provider 102 finds theaddress of the first profile manager 103 without external communication,where the address may be in the form of an IP address and/or a domainaddress.

In step 525, the profile provider 102 sends a profile backup requestmessage to the first profile manager 103, using the found address, wherethe profile backup request message includes an identifier of the firstprofile 109 to be transferred, an identifier of the first embeddedsecure element 107 (or the first mobile terminal 105), and a certificateof the profile provider 102. The certificate of the profile provider 102includes an identifier of the MNO 502 as a field, and signing isperformed based thereon.

In step 530, the first profile manager 103 forwards the profile backuprequest message to the first mobile terminal 105. The first profilemanager 103 extracts the identifier of the first mobile terminal 105 orfirst embedded secure element 107 from the received profile backuprequest message, and identifies the destination to which the profilebackup request message is to be forwarded. In particular, if an MSISDNis delivered through step 515, an SMS message may be sent as a profilebackup request message to the desired terminal, where the profile backuprequest message includes an identifier of the first profile 109 and acertificate of the profile provider 102.

Upon reception of the profile backup request message, at step 535, thefirst mobile terminal 105 encrypts the profile. The first embeddedsecure element 107 of the first mobile terminal 105 identifies theidentifier of the target profile 109 from the received profile backuprequest message. The first embedded secure element 107 encrypts at leasta portion of the target profile 109. Profile encryption is described indetail with reference to FIG. 2.

In FIG. 5, in step 540, the first mobile terminal 105 sends theencrypted profile to the first profile manager 103. Only when the MNO IDcontained in the certificate of the profile provider is identical to theMNO ID contained in the profile 109 and the certificate is determined tobe valid, are steps 535 (encryption) and 540 (transfer) performed.

In step 545, the first profile manager 103 forwards the backed-upprofile to the profile provider 102.

In step 550, the profile provider 102 configures a second profile 110 onthe basis of the received profile and a new K. A description of how toconfigure the second profile 110 is provided with reference to FIGS. 2to 4.

In FIG. 5, in step 555, the profile provider 102 finds the address ofthe profile manager 105 related to the second embedded secure element108 that will receive the second profile 110 through communication withthe address search server 111. Address search is similar to that in step520. As described above, when the profile provider 102 directlymaintains address information, it finds a desired address withoutexternal communication.

In step 560, the profile provider 102 installs the second profile 110 inthe second embedded secure element 108 of the second mobile terminal 106via the second profile manager 104. The second profile 110 may beencrypted as in the case of the first profile 109. If installation issuccessful, the procedure continues to the next step.

In step 565, the profile provider 102 sends the AuC of the MNO 502 arequest message for updating the K of the corresponding profile.

In step 570, the AuC notifies the profile provider 102 of the updateresult.

If update of the K is successful, in step 575, the profile provider 102sends a request message for deleting the first profile 109 to the firstmobile terminal 105. If update of the K is unsuccessful, the secondprofile 110 will be deleted.

FIG. 6 is a sequence diagram illustrating a profile setting procedureaccording to an embodiment of the present invention.

The embodiment of the invention disclosed in FIG. 6 is similar to thatof FIG. 5, but differs in that profile transfer is triggered by thefirst mobile terminal 105.

Referring to FIG. 6, according to a user input or the like, the firstmobile terminal 105 attempts to transfer the first profile 109 to thesecond embedded secure element 108 of the second mobile terminal 106. Instep 605, the first mobile terminal 105 finds the address of a profilemanager related to the first embedded secure element 107 throughcommunication with the address search server 111. As described above,when the first mobile terminal 105 directly maintains such addresses,step 605 is skipped.

In step 610, the first mobile terminal 105, using the found address,sends a profile transfer request message to the first profile manager103. The profile transfer request message includes an identifier of thefirst embedded secure element 107, an identifier of a profile to betransferred (e.g. Profile ID, MSISDN or IMSI), and an identifier of thesecond embedded secure element 108.

In step 615, the first profile manager 103 finds the address of aprofile provider 102 related to the first embedded secure element 107through communication with the address search server 111. As describedabove, when the first profile manager 103 directly maintains suchaddresses, step 615 may be skipped.

In step 620, the first profile manager 103 forwards the received profiletransfer request message to the profile provider 102.

Subsequently, steps 620 to 675 are identical or similar to steps 520 to575 of FIG. 5, and hence a detailed description thereof is omitted.

FIG. 7 is a block diagram of a profile provider according to anembodiment of the present invention.

Referring to FIG. 7, the profile provider includes a communication unit710 and a control unit 720.

The communication unit 710 sends and receives signals, which arerequired to realize at least part of the embodiments described inconnection with FIGS. 1 to 6. For example, in FIG. 7, the communicationunit 710 receives a profile transfer request message and sends a profilebackup request message. The communication unit 710 sends an updaterequest message for the K to the AuC and receives a corresponding resultmessage. In addition, the communication unit 710 sends and receivesencrypted profiles.

The control unit 720 performs processing required to realize at leastpart of the embodiments described in connection with FIGS. 1 to 6 andcontrols individual components of the profile provider accordingly. Inparticular, in FIG. 7, the control unit 720 decrypts an encryptedprofile and encrypts a plaintext profile.

FIG. 8 is a block diagram of a profile manager according to anembodiment of the present invention.

Referring to FIG. 8, the profile manager includes a communication unit810 and a control unit 820.

The communication unit 810 sends and receives signals, which arerequired to realize at least part of the embodiments described inconnection with FIGS. 1 to 6. For example, in FIG. 8 the communicationunit 810 sends and receives a profile transfer request message and aprofile backup request message. In addition, the communication unit 810sends and receives encrypted profiles.

The control unit 820 performs processing required to realize at leastpart of the embodiments described in connection with FIGS. 1 to 6 andcontrols individual components of the profile manager accordingly.

FIG. 9 is a block diagram of a mobile terminal according to anembodiment of the present invention.

Referring to FIG. 9, the mobile terminal includes a communication unit910 and a control unit 920. The control unit 920 includes an embeddedsecure element 930.

The communication unit 910 sends and receives signals, which arerequired to realize at least part of the embodiments described inconnection with FIGS. 1 to 6. For example, in FIG. 9, the communicationunit 910 sends and receives a profile transfer request message and aprofile backup request message. In addition, the communication unit 910sends and receives encrypted profiles.

The control unit 920 performs processing required to realize at leastpart of the embodiments described in connection with FIGS. 1 to 6 andcontrols individual components of the mobile terminal accordingly. Inparticular, in FIG. 9, the control unit 920 installs a profile in theembedded secure element 930 or uninstalls a profile therefrom. Thecontrol unit 920 encrypts or decrypts a profile. Among steps performedby the embedded secure element 930, some steps suitable for externalprocessing may be performed by an entity external to the embedded secureelement 930.

With regard to a removable UICC, when changing a terminal from a firstterminal to a second terminal, the UICC is removed from the firstterminal and be is inserted into the second terminal. In this case, as aphysical card is transferred, the problem of card copying or duplicationbetween two terminals does not arise.

In an environment where a software profile corresponding to one existingUICC is transferred between two embedded secure elements of differentterminals, the problem of illegitimate copying or duplicated usage of aprofile may arise. Additionally, in the event that a failure occurswhile the profile of a first mobile terminal is copied to a secondmobile terminal and is removed, both the first mobile terminal and thesecond mobile terminal may use the profile or neither may use theprofile. This is an erroneous situation.

According to various embodiments of the present invention, when a userpurchases a new mobile terminal or replaces an existing mobile terminal,the existing profile of the first mobile terminal can be safelytransferred to the second mobile terminal. Moreover, after the profileis successfully transferred, only the second profile of the secondmobile terminal is usable. When a failure occurs during profiletransfer, the initial state is restored and only the first profile ofthe first mobile terminal is usable. Hence, characteristics oftransaction processing (all or nothing) are achieved. In addition toapplications provided initially by the MNO, applications added later tothe profile (e.g. NFC banking/card application) and data added by theuser (e.g. phonebook) may be transferred. In one embodiment of thepresent invention, unlike an existing removable UICC (which carries allstored data when removed from or inserted into a terminal), it ispossible to back up and transfer all or a portion of the contents of aprofile according to user or MNO selection.

The backed-up first profile is reconfigured by the profile providingserver into a second profile through data addition or modification sothat the second profile is installable in the second embedded secureelement. When a profile is backed up, security information such as USIMkey (K) is excluded from the backup target. Hence, the security risk isminimized even if the backed-up profile is leaked.

During profile reconfiguration, the first eSE ID is replaced with thesecond eSE ID so that the second profile is operable only in the secondembedded secure element, preventing illegitimate profile copying. Inaddition, when the second profile is generated, the K managed by the AuCis changed. Hence, even when the first profile is not removed from thefirst embedded secure element, the first profile cannot beillegitimately used. Thereby, a security mechanism is provided.

In an embodiment of the present invention, security sensitiveinformation (e.g. authentication key K of the USIM application) in thecontents of a profile is not backed up, and the profile providing serveradds corresponding data during profile reconfiguration, therebyminimizing the risk due to leakage. In the present invention, it ispossible for the user or manager to designate applications and data tobe backed up or transferred.

As described above, when a profile is successfully copied to the newembedded secure element, the profile is deleted from the old embeddedsecure element. It is necessary to cope with the possibility that twocopies of the same profile are present in two mobile terminals due toone copy not being deleted because of an error or malicious intent. Inan embodiment of the present invention, when a new profile isconfigured, the profile provider changes the USIM K and updates the AuCaccordingly, preventing access to the communication network using theold profile.

As described above, it is necessary to prevent a profile from beingcopied to another embedded secure element without permission.

In an embodiment of the present invention, a profile is configured toinclude the identifier of the embedded secure element in which theprofile is to be installed (eSE ID) and an associated digital signature,so that the profile is either not installable or is inoperable in adifferent embedded secure element. The digital signature prevents theeSE ID from being modified. The digital signature may be generated onthe basis of a concatenation of important parameters in the profile(e.g. profile ID, eSE ID and IMSI) and a public key of the certificateof the profile providing server. Other similar schemes may be used togenerate the digital signature. When the profile is transferred, theprofile provider may change certain values and regenerate the digitalsignature.

It is known to those skilled in the art that blocks of a flowchart (orsequence diagram) and a combination of flowcharts may be represented andexecuted by computer program instructions. These computer programinstructions may be loaded on a processor of a general purpose computer,special purpose computer or programmable data processing equipment. Whenthe loaded program instructions are executed by the processor, theycreate a means for carrying out functions described in the flowchart. Asthe computer program instructions may be stored in a computer readablememory that is usable in a specialized computer or a programmable dataprocessing equipment, it is also possible to create articles ofmanufacture that carry out functions described in the flowchart. As thecomputer program instructions may be loaded on a computer or aprogrammable data processing equipment, when executed as processes, theymay carry out steps of functions described in the flowchart.

A block of a flowchart may correspond to a module, a segment or codecontaining one or more executable instructions implementing one or morelogical functions, or to a part thereof. In some cases, functionsdescribed by blocks may be executed in an order different from thelisted order. For example, two blocks listed in sequence may be executedat the same time or executed in reverse order.

In the description, the word “unit”, “module” or the like may refer to asoftware component or hardware component such as a Field ProgrammableGate Array (FPGA) or an Application Specific Integrated Circuit (ASIC)capable of carrying out a function or an operation. However, “unit” orthe like is not limited to hardware or software. A unit or the like maybe configured so as to reside in an addressable storage medium or todrive one or more processors. Units or the like may refer to softwarecomponents, object-oriented software components, class components, taskcomponents, processes, functions, attributes, procedures, subroutines,program code segments, drivers, firmware, microcode, circuits, data,databases, data structures, tables, arrays or variables. A functionprovided by a component and unit may be a combination of smallercomponents and units, and may be combined with other components andunits to compose large components and units. Components and units may beconfigured to drive a device or one or more processors in a securemultimedia card.

The above description is provided to assist in a comprehensiveunderstanding of various embodiments of the present invention. Itincludes various specific details to assist in that understanding butthese are to be regarded as mere examples. Accordingly, those ofordinary skill in the art will recognize that various changes andmodifications of the embodiments described herein can be made withoutdeparting from the scope and spirit of the present disclosure.

Embodiments of the present invention have been described with referenceto the accompanying drawings. Specific terms or words used in thedescription should be construed in accordance with the spirit of thepresent invention without limiting the subject matter thereof. It shouldbe understood that many variations and modifications of the basicinventive concept described herein will still fall within the spirit andscope of the present invention as defined in the appended claims andtheir equivalents.

What is claimed is:
 1. A method of setting profiles for a profileserver, the method comprising: receiving, from a first terminal, aprofile transfer request message that requests transfer of a firstprofile or portion thereof from a first secure element to a secondsecure element; sending, to the first terminal, a request messagerequesting the first profile or portion thereof; receiving, from thefirst terminal, the first profile or portion thereof; configuring asecond profile using the received first profile or portion thereof; andsending, to a second terminal, the configured second profile.
 2. Themethod of claim 1, further comprising: sending, if the second profile issuccessfully installed in the second secure element, a messagerequesting update of a security value related to the second profile toan authentication center (AuC).
 3. The method of claim 1, wherein thefirst profile or portion thereof is encrypted and transmitted using apublic key of the profile sever.
 4. The method of claim 1, wherein theprofile server includes at least one of a profile manager server and aprofile provider server.
 5. The method of claim 1, wherein the profiletransfer request message includes at least one of an identifier of thefirst terminal, an identifier of the second terminal, a profileidentifier, a Mobile Subscriber Integrated Services DigitalNetwork-Number (MSISDN, phone number), and an International MobileSubscriber Identity (IMSI).
 6. A profile server, comprising: acommunication unit configured to receive, from a first terminal, aprofile transfer request message that requests transfer of a firstprofile or portion thereof from a first secure element to a secondsecure element, to send, to the first terminal, a request messagerequesting the first profile or a portion thereof, and to receive, fromthe first terminal, the first profile or a portion thereof; and acontroller configured to configure a second profile using the receivedthe first profile or portion thereof and to control sending, to a secondterminal, the configured second profile.
 7. The profile server of claim6, wherein the communication unit sends, if the second profile issuccessfully installed in the second secure element, a messagerequesting update of a security value related to the second profile toan authentication center (AuC).
 8. The profile server of claim 6,wherein the first profile or portion thereof is encrypted andtransmitted using a public key of the profile sever.
 9. The profileserver of claim 6, further comprising at least one of a profile managerserver and a profile provider server.
 10. The profile server of claim 6,wherein the profile transfer request message includes at least one of anidentifier of the first terminal, an identifier of the second terminal,a profile identifier, an MSISDN, phone number, and an IMSI.
 11. A methodof setting profiles for a terminal, the method comprising: sending, to aprofile sever, a profile transfer request message that requests transferof a first profile or portion thereof from a first secure element to asecond secure element; receiving, from the profile server, a requestmessage requesting the first profile or a portion thereof; and sending,to the profile sever, the first profile or a portion thereof, wherein asecond profile for the second secure element is configured using thefirst profile or a portion thereof.
 12. The method of claim 11, furthercomprising: encrypting the first profile or a portion thereof using apublic key of the profile sever.
 13. The method of claim 11, wherein theprofile transfer request message includes at least one of an identifierof a first terminal, an identifier of a second terminal, a profileidentifier, an MSISDN, phone number, and an IMSI.
 14. A terminal,comprising: a communication unit configured to send, to a profile sever,a profile transfer request message that requests transfer of a firstprofile or a portion thereof from a first secure element to a secondsecure element and to receive, from the profile server, a requestmessage requesting the first profile or a portion thereof; and acontroller configured to control sending, to the profile sever, thefirst profile or a portion thereof, wherein a second profile for thesecond secure element is configured using the received first profile orportion thereof.
 15. The terminal of claim 14, wherein the controllerencrypts the first profile or portion thereof using a public key of theprofile sever.